Sunteți pe pagina 1din 28

Address Line 1

Address Line 2
Address Line 3
Address Line 4
Postcode

Telephone No.
Website

Company_X

Business Management Manual


This Manual has been developed in accordance with the following standards:
ISO 9001:2015
ISO 14001:2015
OHSAS 18001:2007

Document title: Integrated Management Manual Document number: M01


Prepared by: Name here Reviewed by: Name here Version and date: R0 – date
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

Table of Contents

Definitions................................................................................................................................................................................ 4
1.0 General....................................................................................................................................................................... 5
2.0 Indexing and Revision Status......................................................................................................................................5
3.0 Company Background.................................................................................................................................................6
4.0 About COMPANY_X....................................................................................................................................................6
4.1 What Influences our Organisation.........................................................................................................................6
4.2 Expectations of Interested Parties.........................................................................................................................7
4.3 Scope and Applicability..........................................................................................................................................7
4.4 The Management System......................................................................................................................................7
4.4.1 System Implementation...............................................................................................................................8
4.4.2 System Validation.........................................................................................................................................8
5.0 Leadership.................................................................................................................................................................. 8
5.1 Leadership and Commitment................................................................................................................................8
5.1.1 Leadership and Company Management.......................................................................................................8
5.1.2 Customer Focus............................................................................................................................................8
5.2 Strategic Policy Management................................................................................................................................9
5.2.1 Policies......................................................................................................................................................... 9
5.2.2 Communicating our Policies.........................................................................................................................9
5.3 Implementing our Policies.....................................................................................................................................9
6.0 Planning.................................................................................................................................................................... 10
6.1 Identifying Risks and Opportunities.....................................................................................................................10
6.2 Company Objectives & Targets............................................................................................................................10
6.3 Change Management..........................................................................................................................................11
7.0 Support..................................................................................................................................................................... 11
7.1 Resources............................................................................................................................................................ 11
7.1.1 General......................................................................................................................................................11
7.1.2 People........................................................................................................................................................11
7.1.3 Infrastructure.............................................................................................................................................11
7.1.4 Environment..............................................................................................................................................12
7.1.5 Monitoring and Measuring Resources.......................................................................................................12
7.1.6 Organisational Knowledge..........................................................................................................................12
7.2 Competency........................................................................................................................................................ 12
7.3 Awareness........................................................................................................................................................... 13
7.4 Communication...................................................................................................................................................13
7.5 Documented Information....................................................................................................................................13
7.5.1 General......................................................................................................................................................13
7.5.2 Creating and Updating...............................................................................................................................14
7.5.3 Control of Documented Information..........................................................................................................14
8.0 Operation................................................................................................................................................................. 15
8.1 Operational Planning and Control........................................................................................................................15
8.2 Requirements for Products and Services.............................................................................................................16
8.2.1 Customer Communication.........................................................................................................................16
8.2.2 Determining Client Requirements..............................................................................................................16
8.2.3 Review of Client Requirements..................................................................................................................17
8.2.4 Changes to Requirements..........................................................................................................................17
8.2.5 Emergency Planning and Response............................................................................................................17
8.3 Design and Development of Products and Services.............................................................................................17

ii
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

8.3.1 General......................................................................................................................................................17
8.3.2 Design & Development Planning................................................................................................................17
8.3.3 Design & Development Inputs...................................................................................................................17
8.3.4 Design & Development Controls................................................................................................................18
8.3.5 Design & Development Outputs.................................................................................................................18
8.3.6 Design & Development Changes................................................................................................................18
8.4 Control of Externally Provided Processes, Products and Services........................................................................18
8.4.1 General......................................................................................................................................................18
8.4.2 Type and Extent of Control.........................................................................................................................18
8.4.3 Information for External Providers.............................................................................................................19
8.5 Service Provision..................................................................................................................................................19
8.5.1 Control of Service Provision.......................................................................................................................19
8.5.2 Identification and Traceability....................................................................................................................19
8.5.3 Client Property...........................................................................................................................................20
8.5.4 Preservation...............................................................................................................................................20
8.5.5 Post Delivery Activities...............................................................................................................................20
8.5.6 Control of Changes.....................................................................................................................................20
8.6 Release of Products and Services.........................................................................................................................20
8.7 Control of Project Issues and Incidents................................................................................................................21
9.0 Performance Evaluation...........................................................................................................................................21
9.1 Monitoring, Measurement, Analysis and Evaluation...........................................................................................21
9.1.1 General......................................................................................................................................................21
9.1.2 Client Satisfaction.......................................................................................................................................21
9.1.3 Analysis and Evaluation..............................................................................................................................21
9.2 Internal Audit.......................................................................................................................................................22
9.3 Management Review...........................................................................................................................................22
10.0 Improvement............................................................................................................................................................ 23
10.1 General................................................................................................................................................................ 23
10.2 Non Conformity and Corrective Actions..............................................................................................................23
10.3 Continual Improvement.......................................................................................................................................24
11.0 Standard Cross-Referencing......................................................................................................................................25

iii
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

Definitions

Term Definition

Integrated Management System, complying with the requirements of ISO 9001:2015, ISO
IMS
14001:2015 and OHSAS 18001:2007.

isCompliant Cloud based (online) management system

A document which forms an integral part of the management system. These include the
Controlled Document
policies and procedures relating to the system and templates / forms for records.

Management Record A management record is a collection of records or registers, stored within isCompliant.

A record is produced from the completion of a template or a form, stored within a module of
Record
isCompliant.

iv
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

1.0 General
COMPANY_X have designed and implemented this Business Management Manual as a means of ensuring that
a quality service and product is provided in a safe manner whilst addressing all relevant environmental impacts.
The manual has been created to identify the key tasks involved for the successful provision of our products or
services and to provide us with a tool that can be used to continually improve what we do.

Hyperlinks within this document will take you to the live areas of our cloud based management system,
isCompliant. This is only accessible if you are a COMPANY_X employee and have the appropriate
authorisations.

If you have the relevant authorisations you will be able to gain access to isCompliant here. The Manual will
provide the general information on the processes used to manage http://COMPANY_X.iscompliant.net.

2.0 Indexing and Revision Status


The numbering of this integrated management manual broadly follows the numbering used in ISO 9001:2015,
adapted for the additional requirements of ISO 14001:2015 and OHSAS 18001:2007 where appropriate. This
Management Manual is only valid if all pages are at the same issue level as shown on the front page.

5
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

Editing the relevant sections, adapting the issue level in the Revision Index and headers, and re-issuing the
entire document electronically will make updates to this manual. Relevant parties will be automatically notified
of any updates to this action via our document alerts.

3.0 Company Background


Enter basic details about the company in here; when they were established, what they do, any major milestones
etc.

4.0 About COMPANY_X

4.1 What Influences our Organisation


COMPANY_X’s purpose is to [enter details here, e.g. to providing a superior project and excellent customer
service].

In doing so, COMPANY_X recognise that this can only be achieved by managing any situation that can influence,
either internally or externally the way we deliver our service.

The External Influences can be found in the Organisational PESTEC Assessment in the Risk Assessments
Module. The Assessment deals with the Political / Legislative, Economic, Social / Cultural, Technological,
Environmental and Competition risks. This assessment is reviewed annually or whenever a major change to an
internal or external influence occurs.

The Internal Influences can be found in the Process-driven Risk Assessments in the Risk Assessments Module.

The following Internal and external influences have been summarised from the
risk assessments in isCompliant.

Context Context Description Negative Influence Positive Influence


External E.g. Legislation Open to liability and negative image Positive image of organisation
Changes

Internal E.g. Employee High expectations Influences culture and client company
perception and reputation internally and externally
reputation

6
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

4.2 Expectations of Interested Parties


The following expectations have been identified for both internal and external stakeholders.

Type Stakeholders Expectations


External E.g. Suppliers E.g.
 Consistent and fair approach to procurement.
 Fairly reimbursed for services or products.





Internal Shareholders E.g.
 A suitable return on investment.
 Verification of competent and suitable decision making within the organisation.



4.3 Scope and Applicability


This manual has been created to provide guidance on how COMPANY_X manage their activities in a safe and
effective manner whilst minimising our effects on the environment.

The document is applicable to the following COMPANY_X activities:

“[Enter the description of the company’s activities here.]”

These controls will be implemented and followed on our operations which occur both in the UK and abroad.

A Business Process Map (MR00-01), outlining the main processes within COMPANY_X and how they interact
can be found on isCompliant.

4.4 The Management System


COMPANY_X manages all internal processes using a cloud based solution called isCompliant.

The management system segregates all business processes (excluding finance and direct client relationship
management) into 15 modules. Each module details what is required to maintain compliance with the
COMPANY_X internal processes in order to meet the expectations of both internal and external influences.

The processes address all activities including operational, strategy, environmental and occupational health and
safety.

7
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

4.4.1 System Implementation

All inputs have been identified in either isCompliant or process specific procedures.

Required outputs have been detailed in the procedures that govern the modules and the project processes.

Any processes that require indicators to validate that a process has been correctly implemented are either
automated with the isCompliant Reporting function, or reviewed during periodical process audits.

Responsibilities necessary to implement the above processes are detailed in the COMPANY_X procedures,
responsibilities matrix and live system actions.

Resource gaps will be highlighted and rectified during management team meetings and process reviews.

All risks and opportunities are addressed at a strategic level in the company PESTEC and the process driven risk
assessments located in the isCompliant Risk Assessments Module.

All processes are subsequently reviewed and assessed for effectiveness on a periodical basis as detailed in the
Audits Module of isCompliant.

4.4.2 System Validation

All internal processes related to the management system are periodically reviewed for compliance. In addition
to this, isCompliant monitors key indicators and alerts the relevant personnel of deviation form expected
outputs.

This includes alerting the relevant parties of late actions, audits or meetings, assets requiring calibration or
servicing, late staff appraisals, or documents requiring review.

5.0 Leadership

5.1 Leadership and Commitment


5.1.1 Leadership and Company Management

COMPANY_X place a great deal of emphasis on leadership within the management team by having active roles
in both operational and strategic parts of the business.

Due to the nature of the management system, all management actions can be traced back to originator and
actionee. In addition to this all actions are automatically allocated to the relevant business processes, thus
enabling the management team to monitor the areas of the business that are performing well and those that
require improvement.

5.1.2 Customer Focus

The COMPANY_X management team ensure that delivery of a service in line with customer expectations is
delivered by:

1. Ensuring that we are offering a service or product that is in line with statutory and regulatory
requirements.
2. Discussing with the client / customer their existing situation and gaining a detailed understanding
(where applicable) of their general working environment / requirements.

8
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

3. Discussing with the client / customer the services and products available and assist in identifying what
best suits their needs.
4. Ensuring that we identify and confirm client requirements prior to agreeing to provide the service or
product.
5. Identifying any possible risks to customer’s expectations, and mitigating where possible.
6. Providing the service / product to the customer at the highest possible standard.
7. Once each sale is completed, reviewing our delivery for effectiveness and improvement opportunities,
whilst offering continued support.
8. Gaining feedback from customers on strengths and weaknesses.

Ensuring that the customer’s requirements are met is the key objective of COMPANY_X. By following set
procedures, COMPANY_X ensures consistency and quality in a safe working environment with limited impact
on the environment.

In order to achieve the objective of improving customer satisfaction, COMPANY_X seeks feedback from
customers on a formal / informal basis and acts on recommendations made.

5.2 Strategic Policy Management


COMPANY_X ensures that it remains in line with its overall strategic direction by following a series of business
policies.

5.2.1 Policies

The policies are designed to communicate why we operate in the way we do, and how we maintain our
strategic direction.

[Add example from policy, e.g. commitment to employee wellbeing, protection of the environment etc.] In order
to actually achieve those policies we will set company objectives and risk assess our processes in order to
ascertain the best possible procedure.

All policies are reviewed annually or when an internal or external influence requires.

5.2.2 Communicating our Policies

All public and private COMPANY_X policies can be found on [enter storage details here, e.g. company server /
intranet etc.]. Where necessary there may be Restricted Policies (such as financial) that are only available to
upper management.

Where necessary, these policies are made available to external interested parties.

All staff are made aware of the policies during the induction process and notified should any changes take
place.

5.3 Implementing our Policies


All major responsibilities required to implement the COMPANY_X policies are document and communicated via
the responsibilities matrix and isCompliant.

System and business performance is communicated both from the management team to the Directors, and
likewise from the Directors to the management team where appropriate.

9
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

All COMPANY_X employees / line managers / senior managers have the ability to report incidents or issues
direct to the management team and Directors. Where applicable, automatic RACI reporting is implemented
across the organisation.

Where an expected output is required to validate conformity, the responsible person or role will be defined
and communicated.

All processes within the organisation are monitored for performance, both good and bad, via the isCompliant
reporting tool. The process performance is monitored at a frequency identified by top management.

6.0 Planning

6.1 Identifying Risks and Opportunities


COMPANY_X have adopted a risk based approach to developing company procedures.

COMPANY_X recognise the significant safety mitigations, potential environmental


impacts and opportunities for improvement can be identified through the risk
assessment process.

All COMPANY_X Process are risk assessed prior to the establishment of a final working
procedure. The procedure takes into account any required mitigations or
opportunities for improvement highlighted during the risk assessment process

Hazard identification and risk assessment is performed continually throughout COMPANY_X’s activities. Health,
Safety, Business and Environmental risk assessments are carried out in accordance with the Risk Assessment
Procedure (P02).

The outputs and required mitigation measures are identified on isCompliant under the Risk Assessments
Module. Additional actions are then recorded in the Actions Module.

Environment aspects and impacts are listed in the Environmental Controls Module. Any actions associated
with reducing the impact will be highlighted in the Actions Module. This list is not exhaustive and is reviewed
against changing legislation and operations as part of the Management Review.

6.2 Company Objectives & Targets


COMPANY_X periodically define and review the Business, Quality, Environmental and
Health & Safety Objectives of the business. The current objectives can be viewed,
alongside their proposed actions, on isCompliant under the Company Objectives
Module. Alternatively they can be filtered out of the complete company Actions List in
the Actions Module. These objectives have been set to ensure the continual
improvement of the business. It is important that the objectives set are continually
monitored and reviewed to ensure the improvements are achieved.

Once objectives have been defined, they are communicated to all of the relevant individuals. If an objective is
specific to a department, programme or an individual, the management will ensure that a full understanding of
what is required is achieved.

Objectives can be set during the creation of an action from anywhere within isCompliant by simply ticking the
‘Objectives’ box.

10
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

The recording of Company Objectives is carried out in accordance with the Company Objectives Procedure
(P08). All objectives will have a documented target and indicator allowing their achievement to be monitored.
Objectives are allocated to a company processes and measured against expected deliverables.

6.3 Change Management


Prior to any major changes within the business, either strategic or process-based, the Directors or management
team will assess the possible implications throughout the organisation.

The assessment may or may not be documented, depending on the scale of the change.

Any changes have cost of operational implications will be discussed at a management team level to establish
any possible implications and risks. Any discussions and actions arising from the assessment will be recorded
and allocated via isCompliant.

7.0 Support

7.1 Resources
7.1.1 General

COMPANY_X will identify and provide the resources required to ensure that our service / product is delivered
in line with client and company expectations, safely and with a minimal impact on the environment (where
possible). COMPANY_X will determine and provide the resources needed for the establishment,
implementation, maintenance and continual improvement of the company processes.

Within these resource requirements COMPANY_X will identify the actions and deliverables required from
external resources.

The resources will include, people, infrastructure and environmental. Where applicable the resources will be
monitored for suitability and effectiveness.

7.1.2 People

COMPANY_X will ensure that it has the right people for the right jobs, where ever possible. In the event that
the internal resources are not available, COMPANY_X will seek external assistance for suitably qualified and
experienced personnel.

7.1.3 Infrastructure

COMPANY_X provides suitable and adequate facilities (buildings, equipment and support services) to support
its work in both the UK and abroad. The head office is equipped with appropriate IT equipment and internet to
ensure continual communication both on and off site. The management structure ensures that supervision is
readily available at all times.

COMPANY_X headquarters are located at:

Registered Office: Head Office:

11
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

COMPANY_X COMPANY_X
Address Line 1 Address Line 1
Address Line 2 Address Line 2
Address Line 3 Address Line 3
Address Line 4 Address Line 4
Postcode Postcode

7.1.4 Environment

COMPANY_X have implemented various HR policies and controls to encourage a healthy working environment
both physically and mentally.

The work environment is continually addressed for health, safety and environmental risks.

7.1.5 Monitoring and Measuring Resources

Any resources that are required for measurement and monitoring will be managed
from within the Assets Module. All assets will be managed in accordance with the
Assets Procedure (P13).

Any individuals with responsibilities for assets requiring calibration or servicing will
receive alerts from the Assets Module prior to the expiry dates.

Traceability of materials and assets will be dealt with on a project to project basis. Due
to the nature of the COMPANY_X services, traceability is only applicable to intellectual knowledge and
documentation.

7.1.6 Organisational Knowledge

COMPANY_X continually assesses and improves the organisational knowledge available to its resources.

The primary sources of knowledge provision and retention are:

 E.g. Internal procedural documentation


 E.g. Management records and plans

7.2 Competency
COMPANY_X addresses competence, awareness and training to ensure that:
 All skills that affect productivity are identified
 Appropriate training is provided
 Current training is evaluated for effectiveness
 Employees are made aware of the importance of their tasks

Appropriate training and safe employment of competent personnel is the key to achieving client satisfaction
throughout COMPANY_X.

By acknowledging the requirements of the client and ISO 9001:2015, ISO 14001:2015, and OHSAS 18001:2007,
COMPANY_X has identified and implemented an Employee Appraisal Procedure (P15-1) and Employee
Training & Competence Procedure (P15-2). Whenever COMPANY_X hires a new employee, the appropriate
training plan will be followed and recorded.

12
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

Training records are included in the personnel files of each employee and saved against the qualifications
section in the Employees Module of isCompliant.

7.3 Awareness
COMPANY_X ensures that all employees, and where appropriate, associates are aware of the following:

 Company policies
 Company objectives and targets
 Roles and responsibilities
 Risks and their mitigations
 Environmental aspects of the organisation and their impacts
 Emergency requirements (where applicable)
 Implications of not following process

7.4 Communication
Communication of information is managed through accessibility to [e.g. company server / intranet] and
https://COMPANY_X.iscompliant.net.

The following table identifies various communication owners.

Information Internal Communication External Communication


HSE Impacts and Risks E.g. Safety Manager
Contractual Matters E.g. Managing Director
Improvement Opportunities
Company News (Internal)
Financial Information
Performance Indicators
Incidents / Issues

COMPANY_X have implemented a RACI communications model, which automatically contacts the relevant
personnel in the event of an incident using predetermined classifications.

7.5 Documented Information


7.5.1 General

As a large majority of COMPANY_X’s documents are used in everyday processes, it is possible to continually
address their effectiveness and suitability.

All standard company documentation can be found on the company document portal. PDF copies of procedural
documents can be found on the relevant module pages of isCompliant and on the portal. All management
documents are controlled and issued by senior management. Operational documents that do not impact on
QHS&E matters are controlled by individuals.

The Business Management System Documentation is a compilation of the following:

13
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

IMS Documentation Description


Documented Policy Statements These are policy statements which set out our commitment to and
overall approach in relation to various matters, such as Quality, Health,
Safety & Environment.
Documented Objectives These are the global objectives that have been set by the senior
management of the organisation, and which set out the specific
objectives that drive the business and have been set in line with the
policy statements of the business.
Integrated Management Manual This manual summarises the policies and procedures which form the
basis of the integrated management system (as required by
ISO9001:2015, ISO14001:2015 and OHSAS18001:2007).
Environmental Aspects & Impacts Identification Details of environmental aspects affecting the business, their impact
and what we are doing in relation to it.
Legislation Index and Database A list of the legislation which we are required to monitor and comply
with (in the UK and in each programme).
Risk Assessments Formal risk assessments (which comply with the requirements of ISO
14001:2015 and OHSAS 18001:2007). These risks are, where
appropriate, recorded on isCompliant, together with the appropriate
mitigation measures.
Observation & Incident Reporting and All incidents or observations are recorded on isCompliant as an Action.
Recording (follow-ups) These are classified as a Fix, and either an Observation, LTI, Non-LTI, or
Non-Conformity.
Documented Procedures (including mandatory, The individual procedures which are required under the integrated
and those required to assist in the planning, management system (including training, purchasing and internal audit)
organisation and control of the processes) have been documented as flowcharts and are recorded in the
Document Register and stored on the company server. A PDF copy can
be found on isCompliant.
Records (including mandatory, and those Documents forming part of, or generated by, the IMS manual.
required in the planning, organisation and
control of the processes)
isCompliant A cloud based online management system that collates all records
http://COMPANY_X.iscompliant.com pertaining to successful and effective management practices and
enables them to report on the health and improvement of the
organisation.
Document register The document register identifies the requirements for disposal and
retention of all records.

All documents are available in either hard copy or digital format.

7.5.2 Creating and Updating

COMPANY_X manages and controls documents as described in the Document Control Procedure (P17-1).

All documentation and pro-forma associated with the IMS can be found in [enter storage details here, e.g.
company server / intranet].

7.5.3 Control of Documented Information

COMPANY_X manages and controls records as described in the Record Control Procedure (P17-2). Records are
kept and controlled for the period of time detailed in the Document Register or as per client requirements.

14
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

Management records can be found in a live format at http://COMPANY_X.iscompliant.net. A


record can be found anywhere that displays the green document icon.

As a rule, the following records are also stored in the online management system:

Record Location on isCompliant.com

Legislation or Specifications Legislation Index Module

Risk Assessments Risk Assessment Module

Emergency Plans Emergency Planning Module

Environmental Controls and Records of Impacts and


Environmental Controls Module
Aspects

Material Safety Data Sheet Uploaded to a COSHH Assessment in COSHH Module

Customer Feedback Feedback Module

Training Records Uploaded to an Employee Record in the Employees Module

Company Objectives Company Objectives Module

Meeting Records Meeting Module

Approved Supplier Form Suppliers Module

Supplier Records Suppliers Module

Objective Evidence for Audits and Audit Reports Uploaded to an Audit Record in the Audits Module

Asset Service Certifications / Calibrations etc. Uploaded to an Asset Record in the Assets Module

8.0 Operation

8.1 Operational Planning and Control


COMPANY_X plan and develop the processes needed to provide our services to our clients.

This ensures that:

1. The product / service is provided in line with the client’s requirements and expectations.
2. The product / service is provided in line with the COMPANY_X working processes.

These processes detail:

 The objectives that must be met to satisfy the client’s requirements


 The processes and resources required to fulfil the service
 Monitoring and validation of the processes to ensure successful delivery of services
 The reports, including any specific requirements, to be produced on the service provided
 Identification of any environmental aspects associated with the procedures and processes involved
with providing the service
 Communication of mitigation measures required to reduce or prevent health, safety or environmental
issues.

15
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

 Identification of any health and safety aspects associated with the procedures and processes involved
with providing the service

8.2 Requirements for Products and Services


8.2.1 Customer Communication

Communication channels are available at all times throughout the client enquiry, contract and feedback
process.

 Details of all COMPANY_X services can be found on our website, brochures and social media.
 Clients and prospects are provided with written confirmation of our ability to meet the client
requirements prior to contract acceptance.
 Feedback is sought periodically from clients and where necessary prospects where tenders were not
successful.
 Direct lines of communication exist between all account holders and clients.
 Direct lines of communications are established between clients and COMPANY_X Directors.

 Where necessary, project specific Information security controls are implemented with respect to client
intellectual property.

The organisation’s Quality Policy and Health, Safety and Environmental policies are available on request. The
environmental aspects and impacts, if requested, can be provided on the agreement of senior management.
Any questions relating to Environmental or Health & Safety issues should be directed to PERSON_X,
(POSITION).

Confidential information is treated as such, and shared as appropriate.

If any complaints or negative feedback is received from customers, senior management is informed and the
matter is investigated using the Feedback Module on isCompliant which is controlled by the Problems,
Improvements & Actions Procedure (P06-3).

8.2.2 Determining Client Requirements

Prior to issuing a proposal, COMPANY_X will review all information / tender documentation to ensure that we
have a full understanding of the contract requirements and expectations.

This will enable us to validate that we can:

1. Meet the clients expectations


2. Meet contractual obligations
3. Implement the contract without detriment to either COMPANY_X, its processes of personnel.

4. Meet legislative and statutory obligations

A proposal will then be produced in line the COMPANY_X Project Control Procedures (P14-1, P14-2 and P14-
3).

If COMPANY_X feels that it cannot meet either points 1, 2 or 3 as stated above, deviations will be highlighted
within the proposal for client acceptance or refusal.

8.2.3 Review of Client Requirements

Every order placed by the client will be reviewed against the original proposal.

16
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

This will ensure that:

1. The order matches the proposal: should the order differ from the proposal a clarification will be
sought and if necessary an amendment to either proposal or order.
2. Expectations on both sides can still be met.
3. The service delivery will result in the expected deliverables and any necessary sub-deliverables.
4. Any sub-contracts or suppliers are still able to provide in accordance with previous agreements.

8.2.4 Changes to Requirements

Any changes to the requirements will be re-addressed in the proposal and where necessary recorded on the
Project initiation sheet.

Any changes that could affect internal processes or service offerings will be fed back into the management
review process.

If there are changes to expectations or contract during a live project then these will be addressed with the
client prior to charging. Likewise no additional work will be carried out until the client has agreed terms.

8.2.5 Emergency Planning and Response

COMPANY_X manage and respond to emergencies in accordance with written


Emergency Plans. These are controlled as per the Emergency Planning Procedure
(P03).

There is a potential during all operations for accidents or emergencies to occur.


Incidents, especially those outside the normal scope of operations, can pose a serious
risk of injury or damage to property and the threat of damage to the environment.

Standard emergency plans are put in place by all teams before any work commences to ensure that there will
be an appropriate reaction to any accident or incident.

The emergency plans will address, business, health, safety, occupational and environmental issues.

8.3 Design and Development of Products and Services


8.3.1 General

COMPANY_X have designed their scope of services through experience and competency. The delivery of our
product / service is designed through best practice and continual improvement. Design of service delivery is
[enter what is designed, e.g. products, training delivery etc.].

8.3.2 Design & Development Planning

Prior to offering a new service or product, COMPANY_X identifies the impacts, threats or opportunities that it
may have on the existing business operations and clients.

The design control process is primarily associated with [enter details here].

8.3.3 Design & Development Inputs

Inputs required to verify design suitability, compliance and delivery are identified in Design Procedure (PXX).

8.3.4 Design & Development Controls

The controls required to ensure that [enter details of design and development controls here].

17
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

8.3.5 Design & Development Outputs

The outputs and deliverables expected from the design process are identified on a contract specific basis and
confirmed by the client prior to design and delivery. These are confirmed in the Design and Delivery
Specification. This process is identified in the Design Procedure (PXX).

8.3.6 Design & Development Changes

All changes that impact on predetermined deliverables will be reviewed by the product / service developer,
delivery partner (if appropriate) and client. Any changes will be assessed for impact on product / service cost
and timescales.

If necessary the changes will be risk assessed for impacts on the business as a whole as well as the contracted
deliverables.

8.4 Control of Externally Provided Processes, Products and Services


8.4.1 General

COMPANY_X relies on external parties and suppliers for the following:

Category Requirement
E.g. Subcontractors E.g. Provision of management systems consultancy

The primary objectives involved with identifying a supplier are:

 Can the supplier / subcontractor supply the product requested?


 What is the length of time before delivery?
 Is the product / service of suitable quality?
 If applicable, does the supplier / subcontractor hold the relevant skills, training, qualifications and
experience?
 Is the price competitive?

Where a new supplier is used, COMPANY_X will establish that the above criteria have been met before an
order is placed. If a new subcontractor is used, a thorough investigation into their qualifications, history,
experience, competence and references will be carried out, the details of which will be placed on isCompliant
under the Suppliers Module.

COMPANY_X ensures that all suppliers are approved (where applicable) before placing an order or issuing an
engagement contract. This is achieved by following the Purchasing Procedure (P12-2 & P12-3).

8.4.2 Type and Extent of Control

The following controls are placed on the above categories.

Category Controls
E.g. Consultancy E.g.
 Purchase Order where appropriate
 Contract specification

18
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here


8.4.3 Information for External Providers

Before a purchase is confirmed, the supplier will be contacted to ensure that they are able to supply the goods
in the required timescale, and to confirm the price. Purchases will be confirmed with the supplier, including
details of the items being ordered, price and any delivery details.

Services provided by consultants that directly impact on COMPANY_X services or client facing activities will be
carefully specified prior to an order being placed.

Any issues that arise with a purchased product or service (including subcontractors) will be recorded on
isCompliant under the Suppliers Module.

All items bought are checked upon delivery. Any anomalies will be recorded on isCompliant and reported to the
supplier. If an action is required, this will be followed up by POSITION_X.

8.5 Service Provision


8.5.1 Control of Service Provision

COMPANY_X plans its services through controlled and proven methodologies. By planning the process and
continually reviewing the procedures, COMPANY_X can identify any areas that impact on quality, health and
safety risks, and environmental aspects.

All personnel have access to the tools and equipment they require to enable safe, effective and efficient
product provision. If there is a requirement for alternative tools or equipment this will be raised through the
appropriate chain of command.

If a process highlights a possible environmental risk, then a HS&E risk assessment will be carried out to identify
any required mitigation measures.

All of the services carried out by COMPANY_X can be validated. The validation shall demonstrate the ability of
the processes to achieve planned results, and shall include:

 E.g. Defined criteria for review and approval of the process


 Requirements for records

8.5.2 Identification and Traceability

All document or reports created on behalf of the client will be created with either the COMPANY_X job number
of the client-specific contract number.

Records shall be maintained to enable accurate reporting to clients on the output from the service. These
records will include details of the activities undertaken, costs incurred and staff resources used on each
contract.

8.5.3 Client Property

COMPANY_X shall exercise the utmost care and apply the utmost confidentiality with all client physical and
intellectual property. If any property belonging to a client is lost, damaged or otherwise unsuitable for use, a
report will be made to the client and an investigation will be carried out in accordance with the Problems,
Improvements & Actions Procedure (P06-1).

19
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

8.5.4 Preservation

COMPANY_X shall ensure that all documentation and information generated during service provision is
maintained and managed with respect to data integrity and security.

8.5.5 Post Delivery Activities

Where necessary and allowable, COMPANY_X will retain projects specific information to ensure that any
enquiries related to work carried out by COMPANY_X can be answered after project completion.

8.5.6 Control of Changes

Changes to both internal processes and projects are managed within COMPANY_X on a risk based approach.
Should a change be required, the Directors will assess the likelihood of impact on either the project or other
internal processes within the organisation.

If the change is proposed on a live project then the client will be informed of any possible cost or milestone
implications.

If the client is requesting the change, then COMPANY_X will assess the impact on existing deliverables and
inform the client of any possible cost or milestone implications.

If the change is agreed, COMPANY_X will make a decision on whether the original terms require to be changed
or whether we can absorb the risk with the original conditions.

8.6 Release of Products and Services


COMPANY_X control the release of the following business activities:

Control Release Mechanism


E.g. Purchase Orders E.g. Director Signature
E.g. Timesheets E.g. Line Manager Signature
E.g. Contractual Documents E.g. Quality Manager & HSE Manager Signature

Records of the above approvals can be found in [enter storage details here, e.g. company server].

8.7 Control of Project Issues and Incidents


Project issues and incidents (non-conformities) indicates that part of the management system may not
performing to its full potential or requires improving. Issues principally relate a systematic failure of an
established process. This can include health, safety and environmental incidents, and accidents. All non-
conformities are recorded and investigated in accordance with the Problems, Improvements & Actions
Procedure (P06-1).

20
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

All accidents or reportable incidents will be dealt with in accordance with RIDDOR. The information will be
recorded in the Actions Module of isCompliant.

Incidents can be recorded via the Incidents button in isCompliant. Dependant on the severity and type of the
incident, isCompliant will implement the relevant RACI rules and inform all relevant personnel via telephone
and email.

All issues or incidents reported by a client will be recorded via the incidents tab and assessed for validity.

9.0 Performance Evaluation

9.1 Monitoring, Measurement, Analysis and Evaluation


Monitoring, measurement, analysis and evaluation of processes is carried out on a continuous basis within
COMPANY_X.

9.1.1 General

All internal processes within COMPANY_X are monitored for performance (both positive and negative) via the
isCompliant action reporting tool.

The reports for isCompliant are reviewed on a monthly basis by upper management.

9.1.2 Client Satisfaction

Client satisfaction is key to the way COMPANY_X operates.

Where clients evaluate the service provided by COMPANY_X, feedback received is


used to validate the processes applied and identify areas for improvement.

Care will be taken to ensure that honest and unbiased feedback is gathered,
irrespective of outcome of the project.

All feedback provided through our questionnaire will be added to the isCompliant Feedback Module. This
section of the database has been developed to record information both as a formal submission and through
information routes such as conversation.

Any feedback that could be classed as negative will be recorded as an incident which will automatically prompt
the requirement for an investigation.

9.1.3 Analysis and Evaluation

COMPANY_X collect and evaluate the following information to monitor process performance.

Process Data Collected Collection Vehicle


E.g. Audit Effectiveness E.g. isCompliant
 Actions and issues identified during auditing
 Frequency of Audits
 Timeliness of Audits

21
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here






9.2 Internal Audit


Internal audits shall be conducted to ensure compliance with the internal processes
and external influences. Where possible, internal audits are carried out on a process
basis and linked back to any relevant risk assessments. Internal audits are carried out in
accordance with the Auditing Procedure (P10).

The audits are carried out in accordance with the internal audit schedule which is can
be found in the Audits Module of isCompliant. The internal audit schedule segregates
the organisation into manageable processes and highlights what activities are audited during which activities.
Internal audit checklists have been developed and can be found in the Templates section of the Audits Module.

Additional compliance audits are carried out on high risk areas of the business such as those that require
legislative compliance.

9.3 Management Review


COMPANY_X will review all business operations and processes annually to ensure
that they remain efficient and applicable to the business strategic objectives.

Management Reviews are carried out and implemented in accordance with the
Management Review Procedure (P09-2).

The agenda for the management review will include (as a minimum) the following discussion points:
1. Outstanding actions from the previous meeting
2. Identification of new external and internal influences
a. Legislation
b. HSE COP and direction
3. Review of performance
a. Customer complaints / feedback
b. Objectives
c. Process trends
d. Issues and incidents
e. Audit results and actions
f. Summary of supplier / associate / consultant performance
4. Resource requirements and performance
5. Review of actions / objectives required to reduce risk and increase opportunities since last meeting
6. Opportunities for improvement
7. Communication of major changes to documentation and policies
8. AOB

As a minimum the following outputs should be recorded:

22
Integrated Management System Manual
M01
COMPANY_X Name or Logo
R0 – Date here

1. Opportunities for improvement


2. Process and procedural changes
3. Resource needs

10.0 Improvement

10.1 General
Every process within COMPANY_X is focused on identifying opportunities for improvement. As an agile SME,
we continually address how we achieve our goals in order to improve our service and reputation.

10.2 Non Conformity and Corrective Actions


COMPANY_X record and manage any issues that indicate a failure in the company processes. COMPANY_X class
all non-conformities as issues. Each issue is given a classification and reported via the incident button in
isCompliant or during an internal audit.

A list of all issues / incidents raised can be found in the isCompliant Company Tab. All issues or incidents are
recorded in accordance with the Problems, Improvements & Actions Procedure (P06-1). Health, Safety or
Environmental incidents are reported internally in accordance with the automatic RACI rules within
isCompliant. All accidents or reportable incidents will be dealt with in accordance with RIDDOR. The
information will be recorded in the Actions Module of isCompliant.

Each issue / incident will be investigated and the following information recorded.

 The facts surrounding the potential non-conformance are documented


 An evaluation of the suggested improvement is carried out to ensure an improvement will be achieved
from any change in the procedures
 The changes which will result in overall improvements are implemented
 The effectiveness of the changes is reviewed

10.3 Continual Improvement


COMPANY_X ensure that there is continual improvement in its service delivery and
therefore throughout the management system. This is achieved by:
 Reviewing strategy and objectives
 Review of all operational documentation
 Review of all management documentation
 Implementation of a full audit programme
 Feedback from clients, interested 3rd parties, and other external bodies
 Review of Environmental Impacts
 Review of Health & Safety Requirements

COMPANY_X continually strives to improve the processes used to deliver our service. The improvements can be
summarised in the following areas:

 Reduction in Occupational Health & Safety Risks


 Increased benefits for clients
 Reduction of environmental impacts associated with supplying the service

23
Integrated Management System Manual
COMPANY_X Name or Logo M01
R0 – Date here

11.0 Standard Cross-Referencing

Manual Section ISO 9001 Clause Satisfied ISO 14001 Clause Satisfied OHSAS 18001 Clause Satisfied Associated Procedures isCompliant Module
1.0 General 4.0 Context of the Organisation 4.0 Context of the Organisation 4.0 General M01 Management Manual

2.0 Index & Revision Status 4.0 Context of the Organisation 4.0 Context of the Organisation 4.0 General M01 Management Manual

3.0 Company Background 4.0 Context of the Organisation 4.0 Context of the Organisation 4.0 General M01 Management Manual Legislation

4.0 About COMPANY_X 4.0 Context of the Organisation 4.0 Context of the Organisation 4.1 General Requirements M01 Management Manual

4.1 What Influences our 4.1 Understanding the organisation 4.1 Understanding the organisation M01 Management Manual
Organisation and its context and its context

4.2 What are the Expectations of 4.2 Understanding the needs and 4.2 Understanding the needs and 4.1 General Requirements M01 Management Manual
the Interested Parties expectations of interested parties expectations of interested parties

4.3 Scope and Applicability 4.3 Determining the scope of the 4.3 Determining the scope of the 4.1 General Requirements Organisational Chart
quality management system environmental management M01 Management Manual
system

4.4 The Management System 4.4 Quality Management system 4.4 Environmental Management 4.1 General Requirements Organisational Chart
and its processes System M01 Management Manual

5.0 Leadership 5.0 Leadership 5.0 Leadership 4.4.1 Resources, Roles, Skills Matrix Meetings
Responsibilities and authority Management Reviews
Organisational Chart
P09-1 Meetings Procedure
P09-2 Management Review
Procedure

5.1 General 5.1 Leadership and Commitment 5.1 Leadership and Commitment 4.4.1 Resources, Roles, Skills Matrix Employees
Responsibilities and authority Management Reviews

5.2 Strategic Policy Management 5.2 Quality Policy 5.2 Environmental Policy 4.2 OH&S Policy M03 Quality Policy
M04 HSE Policy

24
Integrated Management System Manual
COMPANY_X Name or Logo M01
R0 – Date here

Manual Section ISO 9001 Clause Satisfied ISO 14001 Clause Satisfied OHSAS 18001 Clause Satisfied Associated Procedures isCompliant Module
5.3 Implementing our Policies 5.3 Organisational roles, 5.3 Organisational roles, 4.2 OH&S Policy M03 Quality Policy
responsibilities and authorities responsibilities and authorities M04 HSE Policy

6.0 Planning 6.0 Planning 6.0 Planning 4.3 Planning P02 Risk Assessment Procedure Risk Assessments

6.1 Identifying Risks and 6.1 Actions to address risks and 6.1 Actions to address risks and 4.3 Planning P03 Emergency Planning Risk Assessments
Opportunities opportunities opportunities Procedure
Actions
P09-2 Management Review
Environmental Controls
Procedure
6.2 Company Objectives and 6.2 Quality Objectives and 6.2 Environmental Objectives and 4.3 Planning Objectives
P14-1 Project Procedure
Targets planning to achieve them planning to achieve them
P14-2 Project Management
6.3 Change Management 6.3 Planning of Changes 6.3 Planning of Changes Procedure
Organisational Chart

7.0 Support 7.0 Support 7.0 Support 4.4 Implementation and operation M01 IMS Manual Projects

7.1 Resources 7.1 Resources 7.1 Resources 4.4.1 Resources, Roles, Operational Procedures Clients
Responsibilities and authority P14-1 Project Procedure Employees
P14-2 Project Management Suppliers
Procedure
Assets
P15-1 Employee Appraisal
7.2 Competency 7.2 Competency 7.2 Competency 4.4.2 Training, Awareness & Employees
Procedure
Competence
P15-2 Employee Training &
7.3 Awareness 7.3 Awareness 7.3 Awareness 4.4.2 Training, Awareness & Competency Procedure Employees
Competence
P17-1 Document Control
7.4 Communication 7.4 Communication 7.4 Communication 4.4.3 Communication, Procedure Meetings
participation and consultation
P17-2 Record Control Procedure
7.5 Documented Information 7.5 Documented Information 7.5 Documented Information 4.4.4 Documentation Documents
4.4.5 Control of documents
4.5.4 Control of records

8.0 Operations 8.0 Operation 8.0 Operation 4.4 Implementation and operation M01 IMS Manual Suppliers
Operational Procedures Projects

25
Integrated Management System Manual
COMPANY_X Name or Logo M01
R0 – Date here

Manual Section ISO 9001 Clause Satisfied ISO 14001 Clause Satisfied OHSAS 18001 Clause Satisfied Associated Procedures isCompliant Module
8.1 Operational Planning and 8.1 Operational Planning and 8.1 Operational Planning and 4.4.6 Operational Control P14-1 Project Procedure Projects
Control Control Control P12-2 Purchasing Procedure Clients

8.2 Requirements for Products and 8.2 Requirements for Products and 8.2 Emergency preparedness and 4.4.7 Emergency preparedness and P14-2 Project Management Suppliers
Services Services response response Procedure

8.3 Design and Development of 8.3 Design and Development of


Products and Services Products and Services

8.4 Control of Externally Provided 8.4 Control of Externally Provided P12-2 Purchasing Suppliers
Processes, Products and Services Processes, Products and Services

8.5 Service Provision 8.5 Service Provision P02 Continual Improvement Reporting
Measurement & Analysis

8.6 Release of Product or Services 8.6 Release of Product or Services P14-2 Project Management Projects

8.7 Control of Issues and Incidents 8.7 Control of Issues and Incidents P06-1 Problems, Improvements & Incidents
Actions Audits
P06-2 Creating an Action
9.0 Performance Evaluation 9.0 Performance Evaluation 9.0 Performance Evaluation 4.5 Checking Actions
Procedure
9.1 Monitoring, Measurement, 9.1 Monitoring, Measurement, 9.1 Monitoring, Measurement, 4.5.1 Performance Measuring & Reporting
P06-3 Continual Improvement
Analysis and Evaluation Analysis and Evaluation Analysis and Evaluation Monitoring
4.5.2 Evaluation of compliance

9.2 Internal Audits 9.2 Internal Audits 9.2 Internal Audits 4.2 OH & S Policy P10 Auditing Procedure Audits
4.5.1 Performance Measuring & P06-1 Problems, Improvements &
Monitoring Actions
P06-2 Creating an Action
Procedure

9.3 Management Reviews 9.3 Management Reviews 9.3 Management Reviews 4.6 Management review P09-2 Management Review Meetings
Procedure

10.0 Improvement 10.0 Improvement 10.0 Improvement 4.5.3 Incident investigation, P06-1 Problems, Improvements & Actions
nonconformity, corrective Actions Procedure Incidents
action and preventive action

26
Integrated Management System Manual
COMPANY_X Name or Logo M01
R0 – Date here

Manual Section ISO 9001 Clause Satisfied ISO 14001 Clause Satisfied OHSAS 18001 Clause Satisfied Associated Procedures isCompliant Module
10.1 General 10.1 General 10.1 General 4.5.3 Incident investigation, P06-1 Problems, Improvements & Incidents
nonconformity, corrective Actions Procedure Emergency Planning
action and preventive action

10.2 Non Conformity and 10.2 Non Conformity and 10.2 Non Conformity and 4.5.3 Incident investigation, P06-1 Problems, Improvements & Incidents
Corrective Actions Corrective Actions Corrective Actions nonconformity, corrective Actions Procedure Actions
action and preventive action
10.3 Continual Improvement 10.3 Continual Improvement 10.3 Continual Improvement P06-3 Continual Improvement Actions
Procedure Objectives

11.0 Standard Cross Referencing

27
Integrated Management System Manual
COMPANY_X Name or Logo M01
R0 – Date here

Issue
Reason for Revision Prepared By Approved By Date Issued
Number

0 Initial Draft For Review Name Name Date

28